urlscan.io logo urlscan.io
SecurityTrails logo

llf.kz Open in urlscan Pro
2a00:5da0:1000::105  Public Scan

Go To Rescan Add Verdict Report
URL: http://llf.kz/
Submission: On May 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 46 HTTP transactions. The main IP is 2a00:5da0:1000::105, located in Kazakhstan and belongs to PS, KZ. The main domain is llf.kz.
This is the only time llf.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2a00:5da0:100... 48716 (PS)
3 6 195.210.46.45 48716 (PS)
2 9 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:5da0:100... 48716 (PS)
1 78.46.57.120 24940 (HETZNER-AS)
1 95.216.228.15 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
46 14
21    2a00:5da0:1000::105 (Kazakhstan)

ASN48716 (PS, KZ)
llf.kz
6    195.210.46.45 (Kazakhstan)

ASN48716 (PS, KZ)
PTR: srv-plesk05.ps.kz
mfl.kz
www.mfl.kz
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
informer.yandex.ru
mc.yandex.ru
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    2a00:5da0:1000:1::ec (Kazakhstan)

ASN48716 (PS, KZ)
zero.kz
1    78.46.57.120 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de
static.whatshelp.io
1    95.216.228.15 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.15.228.216.95.clients.your-server.de
widget.whatshelp.io
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
Domain Requested by
21 llf.kz llf.kz
8 mc.yandex.ru 2 redirects llf.kz
mc.yandex.ru
4 pagead2.googlesyndication.com llf.kz
pagead2.googlesyndication.com
3 www.mfl.kz llf.kz
3 mfl.kz 3 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 zero.kz 1 redirects llf.kz
2 fonts.gstatic.com llf.kz
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 widget.whatshelp.io static.whatshelp.io
1 static.whatshelp.io llf.kz
1 fonts.googleapis.com llf.kz
1 informer.yandex.ru llf.kz
46 15
Subject Issuer Validity Valid
bs.yandex.ru
Yandex CA		 2018-10-03 -
2019-10-03		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
zero.kz
Let's Encrypt Authority X3		 2019-04-10 -
2019-07-09		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://llf.kz/
Frame ID: 5E16A873682BB6A547A1EE7779D687C5
Requests: 35 HTTP requests in this frame

Frame: http://llf.kz/adv/google.html
Frame ID: E91E6AF449F869E020B0E76686D2F94D
Requests: 7 HTTP requests in this frame

Frame: http://widget.whatshelp.io/widget/wSendButton?whatsapp=%2B77014925555&company_logo_url=%2F%2Fmfl.kz%2Fimages%2Fl.png&greeting_message=%D0%97%D0%B0%D0%B4%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%20%D0%B2%20whatsapp&call_to_action=%D0%9D%D0%B0%D0%BF%D0%B8%D1%88%D0%B8%D1%82%D0%B5%20%D0%9D%D0%B0%D0%BC&position=right&ga=false&branding=true&mobile=true&desktop=true&shift_vertical=0&shift_horizontal=0&domain=null&key=null&button_color=%23ff6550&parentWrapperId=wh-widget-send-button&clientHostname=llf.kz&showHelloPopup=1&isMobile=0
Frame ID: 5B0E83DAE96C6007651B477A0D82FE20
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Frame ID: 1C0CE6B88F352A8936741E71993624B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/zrt_lookup.html
Frame ID: BB0B755ACC2102C659211CF25F65B2C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7047550686384988&output=html&h=90&slotname=4895957136&adk=3904865671&adf=2098014276&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fllf.kz%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1558087818640&bpp=42&bdt=82&fdt=191&idt=192&shv=r20190513&cbv=r20190131&saldr=sa&correlator=2485216664482&frm=23&ife=1&pv=2&ga_vid=491737506.1558087819&ga_sid=1558087819&ga_hid=1198362896&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=335&biw=1585&bih=1200&isw=750&ish=150&ifk=4292223825&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C150&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&jar=2019-05-17-10&ifi=1&uci=1.55z8gboghe5x&fsb=1&dtd=214
Frame ID: 27C36CD0F0DA9DEF4AE49ADD6FFD4EBB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^google_ad_/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

46
Requests

37 %
HTTPS

79 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

613 kB
Transfer

1367 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://mfl.kz/images/1.gif HTTP 301
  • http://www.mfl.kz/images/1.gif
Request Chain 9
  • http://mfl.kz/gallery/tn_pic_002677.jpg HTTP 301
  • http://www.mfl.kz/gallery/tn_pic_002677.jpg
Request Chain 10
  • http://mfl.kz/images/blank.gif HTTP 301
  • http://www.mfl.kz/images/blank.gif
Request Chain 21
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 29
  • http://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf= HTTP 301
  • https://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf=
Request Chain 33
  • https://mc.yandex.ru/watch/50291221?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
llf.kz/ 		56 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7e46fc1119101a6a9a83e7c4804d58a73aa52444b8419b1e0edb5de676b61900
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
llf.kz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Fri, 17 May 2019 10:10:18 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PleskLin
Content-Encoding
gzip
llf_new.css
llf.kz/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://llf.kz/llf_new.css?ver=1.2
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6925b0f2c0391babbfd37c3d7c03db0eb3f918bcb17240f1b694101aa45178ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07 Sep 2018 16:18:30 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5b92a4d6-13a8"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
llf.kz/images/ 		18 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/logo.svg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
77b5e496c3a2daf8d67af8469ef525453c652e06143bcae49da6c858d3694751
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5c4ae7a5-4611"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
part0.png
llf.kz/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/part0.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d60782beacd8d9e9ef7df6f9ef017b481b032789cf961e512cd595a6480a905b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67554
ETag
"5c4ae7a5-107e2"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vk.svg
llf.kz/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/vk.svg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
19e607ee6a028cd7761fceb70b48ffadd9f48e103a5ee7bdab8bec5e5addb230
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5c4ae7a5-6e6"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
instagram.svg
llf.kz/images/ 		906 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/instagram.svg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b1138ffe1cab56f36bf17ed21c870f3b7c65d11d9b3e116b764d38111c06219a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5c4ae7a5-38a"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook.svg
llf.kz/images/ 		652 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/facebook.svg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6f4c65523041df47c13deeccc9baf876d324078bed232c87b7e94835e3159663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5c4ae7a5-28c"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
youtube.svg
llf.kz/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/youtube.svg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
80f78d0861d3d095e206f5f53f6564b8fe88619f494e853ff073acf1723d50ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5c4ae7a5-c31"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
joma.png
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/joma.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
1.gif
www.mfl.kz/images/
Redirect Chain
  • http://mfl.kz/images/1.gif
  • http://www.mfl.kz/images/1.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfl.kz/images/1.gif
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
195.210.46.45 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
srv-plesk05.ps.kz
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Location
http://www.mfl.kz/images/1.gif
Connection
keep-alive
Content-Length
178
tn_pic_002677.jpg
www.mfl.kz/gallery/
Redirect Chain
  • http://mfl.kz/gallery/tn_pic_002677.jpg
  • http://www.mfl.kz/gallery/tn_pic_002677.jpg
27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfl.kz/gallery/tn_pic_002677.jpg
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
195.210.46.45 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
srv-plesk05.ps.kz
Software
nginx / PleskLin
Resource Hash
1f3b2bb2a4cf970aee9b5a8273e538c2f10aa46b85f22856f024815c5dd1b149
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Nov 2012 08:58:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28111
ETag
"50b32f52-6dcf"
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Location
http://www.mfl.kz/gallery/tn_pic_002677.jpg
Connection
keep-alive
Content-Length
178
blank.gif
www.mfl.kz/images/
Redirect Chain
  • http://mfl.kz/images/blank.gif
  • http://www.mfl.kz/images/blank.gif
49 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfl.kz/images/blank.gif
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
195.210.46.45 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
srv-plesk05.ps.kz
Software
nginx / PleskLin
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 26 Nov 2012 07:32:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
ETag
"50b31b14-31"
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
PleskLin
Content-Type
text/html
Location
http://www.mfl.kz/images/blank.gif
Connection
keep-alive
Content-Length
178
part4.png
llf.kz/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/part4.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c79910a19e54005f261b0bbf7c5307b952ab371dc615f56739bbe78df483b35d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59056
ETag
"5c4ae7a5-e6b0"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
part44.png
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/part44.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
part22.png
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/part22.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
part1.png
llf.kz/images/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/part1.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
96d7934f6d09ff0af7e3a8dabe94c177c7c6650bf4aae65bff284df401e9f309
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61155
ETag
"5c4ae7a5-eee3"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vk.png
llf.kz/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/vk.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5a8e07a44eb7eae6495895cbacba3ff270531156ae6b5325988d9d3ef23da0d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3118
ETag
"5c4ae7a5-c2e"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
in.png
llf.kz/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/in.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f9e350b0c23bd4450d00385f77405a31e96f591f15c162852039f59c07b8df64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5468
ETag
"5c4ae7a5-155c"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fb.png
llf.kz/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/fb.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
807b451977868ec42e1aeb7daafba427ea20dc3431e3e39e58edd49e9d90a3e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:40:37 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2041
ETag
"5c4ae7a5-7f9"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
yt.png
llf.kz/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/yt.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b0a29bce2bc5b41c8928edbd0f21c043a9008a0148606c9201408ed3b33b8b42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Jan 2019 10:42:51 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2439
ETag
"5c4ae82b-987"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/50291221/ 		66 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.yandex.ru/informer/50291221/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5c30d9d57a307c4ab3d0fde03c904122549e947249fc02de93b651770ee83057

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
66
Content-Type
text/html
css
fonts.googleapis.com/ 		2 KB
592 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
85fa13d14d6366641e4f296d18632917cd48037dd368118476b8ba86b79089b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 May 2019 10:10:18 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 17 May 2019 10:10:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Fri, 17 May 2019 10:10:18 GMT
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
132 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Apr 2019 09:34:44 GMT
Server
nginx/1.12.2
ETag
"5cc6c534-9b15"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
39701
Expires
Fri, 17 May 2019 11:10:18 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Fri, 17 May 2019 10:10:18 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
google.html
llf.kz/adv/ Frame E91E 		284 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
http://llf.kz/adv/google.html
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
aadcaa15b7cf3573d221a2fa8274405125d83cf048b7add3241bef9430a6a3db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
llf.kz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://llf.kz/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://llf.kz/

Response headers

Server
nginx
Date
Fri, 17 May 2019 10:10:18 GMT
Content-Type
text/html
Last-Modified
Sun, 19 Aug 2018 23:25:50 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5b79fc7e-11c"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
X-Content-Type-Options
nosniff
X-Powered-By
PleskLin
Content-Encoding
gzip
bg3.gif
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/bg3.gif
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
ban.png
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/ban.png
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/llf_new.css?ver=1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
blank.gif
llf.kz/images/ 		953 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://llf.kz/images/blank.gif
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
2a00:5da0:1000::105 , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx /
Resource Hash
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Apr 2014 16:53:31 GMT
Server
nginx
ETag
W/"3b9-4f73fdf7798c0"
Vary
Accept-Encoding
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
http://llf.kz

Response headers

date
Mon, 25 Mar 2019 20:19:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:33 GMT
server
sffe
age
4542646
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:19:32 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v19/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto
Origin
http://llf.kz

Response headers

date
Mon, 25 Mar 2019 20:23:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:13:22 GMT
server
sffe
age
4542402
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6720
x-xss-protection
1; mode=block
expires
Tue, 24 Mar 2020 20:23:36 GMT
tag.js
mc.yandex.ru/metrika/ 		332 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b40168390afd721c2c0effd9b3b132b6d5334aff57106389b1aafa37a0a7af33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Apr 2019 09:34:44 GMT
Server
nginx/1.12.2
ETag
"5cc6c534-1555e"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
87390
Expires
Fri, 17 May 2019 11:10:18 GMT
c.php
zero.kz/
Redirect Chain
  • http://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf=
  • https://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf=
0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf=
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:5da0:1000:1::ec , Kazakhstan, ASN48716 (PS, KZ),
Reverse DNS
Software
nginx / PHP/7.3.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 10:10:19 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.5
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
strict-transport-security
max-age=31536000

Redirect headers

Location
https://zero.kz/c.php?u=2770&t=1&wd=1600&hg=1200&du=http%3A//llf.kz/&rf=
Date
Fri, 17 May 2019 10:10:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
init.js
static.whatshelp.io/widget-send-button/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.whatshelp.io/widget-send-button/js/init.js
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Server
78.46.57.120 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.120.57.46.78.clients.your-server.de
Software
nginx/1.6.2 /
Resource Hash
0c65ee2686c12d73ae59fd5f591760a738451953eddfe5679f08d5226d269371

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Nov 2018 10:08:16 GMT
Server
nginx/1.6.2
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, must-revalidate
Connection
keep-alive
wSendButton
widget.whatshelp.io/widget/ Frame 5B0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://widget.whatshelp.io/widget/wSendButton?whatsapp=%2B77014925555&company_logo_url=%2F%2Fmfl.kz%2Fimages%2Fl.png&greeting_message=%D0%97%D0%B0%D0%B4%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%20%D0%B2%20whatsapp&call_to_action=%D0%9D%D0%B0%D0%BF%D0%B8%D1%88%D0%B8%D1%82%D0%B5%20%D0%9D%D0%B0%D0%BC&position=right&ga=false&branding=true&mobile=true&desktop=true&shift_vertical=0&shift_horizontal=0&domain=null&key=null&button_color=%23ff6550&parentWrapperId=wh-widget-send-button&clientHostname=llf.kz&showHelloPopup=1&isMobile=0
Requested by
Host: static.whatshelp.io
URL: http://static.whatshelp.io/widget-send-button/js/init.js
Protocol
HTTP/1.1
Server
95.216.228.15 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.15.228.216.95.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Host
widget.whatshelp.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://llf.kz/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://llf.kz/

Response headers

Server
nginx/1.16.0
Date
Fri, 17 May 2019 10:10:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E91E 		61 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: llf.kz
URL: http://llf.kz/adv/google.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3595385f76cbb719b3571a92ec5749f32e48c98507c5906ccd7d2671cc2043f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
1661342887543768823
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
23850
X-XSS-Protection
0
Expires
Fri, 17 May 2019 10:10:18 GMT
1
mc.yandex.ru/watch/50291221/
Redirect Chain
  • https://mc.yandex.ru/watch/50291221?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3...
  • https://mc.yandex.ru/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 May 2019 10:10:18 GMT
Last-Modified
Fri, 17-May-2019 10:10:18 GMT
Server
nginx/1.12.2
Location
/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://llf.kz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 17-May-2019 10:10:18 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 17 May 2019 10:10:18 GMT
Last-Modified
Fri, 17-May-2019 10:10:18 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://llf.kz
Strict-Transport-Security
max-age=31536000
Location
/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 17-May-2019 10:10:18 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://llf.kz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Fri, 17 May 2019 11:10:18 GMT
integrator.js
adservice.google.de/adsid/ Frame E91E 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=llf.kz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 10:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E91E 		122 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=llf.kz
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7d63af9da0b42a75b7c4a3045c0030cc135763bdf1e2204855eb98189fd448a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 10:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
119
x-xss-protection
0
ca-pub-7047550686384988.js
pagead2.googlesyndication.com/pub-config/r20160913/ Frame E91E 		68 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7047550686384988.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 10:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
content-type
text/javascript
status
200
cache-control
public, max-age=43200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
88
x-xss-protection
0
expires
Fri, 17 May 2019 22:10:18 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/ Frame E91E 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
834319b17f5e63b6b13ca9f6872fb79d776b0f4757d754ccc0d96be2c4969d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
9855672473104926497
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
77648
X-XSS-Protection
0
Expires
Fri, 17 May 2019 10:10:18 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/ Frame 1C0C 		204 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
834319b17f5e63b6b13ca9f6872fb79d776b0f4757d754ccc0d96be2c4969d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 17 May 2019 10:10:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
9855672473104926497
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
77648
X-XSS-Protection
0
Expires
Fri, 17 May 2019 10:10:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/ Frame BB0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190513/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://llf.kz/adv/google.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://llf.kz/adv/google.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 13 May 2019 13:07:57 GMT
expires
Mon, 27 May 2019 13:07:57 GMT
content-type
text/html; charset=UTF-8
etag
7423447574459395779
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6990
x-xss-protection
0
cache-control
public, max-age=1209600
age
334941
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
1
mc.yandex.ru/watch/50291221/ 		152 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/50291221/1?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A43956571%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Awn%3A40437%3Ahl%3A2%3Agdpr%3A14%3Av%3A1548%3Awv%3A2%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0
Requested by
Host: llf.kz
URL: http://llf.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b4cf9ba3eacdea14f39f703d97f4fb0a385f597e61306e21a9bf4a0a054ec9b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://llf.kz/
Origin
http://llf.kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17-May-2019 10:10:18 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://llf.kz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Fri, 17-May-2019 10:10:18 GMT
17735224
mc.yandex.ru/watch/ 		114 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/17735224?wmode=7&page-url=http%3A%2F%2Fllf.kz%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1558087817091%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Ai%3A20190517101018%3Aet%3A1558087819%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A816058145%3Ahid%3A415808914%3Ads%3A0%2C93%2C1078%2C1%2C0%2C0%2C0%2C178%2C0%2C%2C%2C%2C1353%3Afp%3A1374%3Agdpr%3A14%3Av%3A1545%3Ast%3A1558087819%3Au%3A1558087819107268048%3At%3A%D0%9C%D0%B8%D0%BD%D0%B8-%D0%A4%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%9B%D0%B8%D0%B3%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
1184c3b728413e62291234df16ba1d68030840d996705732073a956b2bb76c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://llf.kz/
Origin
http://llf.kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 17 May 2019 10:10:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 17-May-2019 10:10:18 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://llf.kz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
114
X-XSS-Protection
1; mode=block
Expires
Fri, 17-May-2019 10:10:18 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 27C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7047550686384988&output=html&h=90&slotname=4895957136&adk=3904865671&adf=2098014276&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fllf.kz%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1558087818640&bpp=42&bdt=82&fdt=191&idt=192&shv=r20190513&cbv=r20190131&saldr=sa&correlator=2485216664482&frm=23&ife=1&pv=2&ga_vid=491737506.1558087819&ga_sid=1558087819&ga_hid=1198362896&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=335&biw=1585&bih=1200&isw=750&ish=150&ifk=4292223825&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C150&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&jar=2019-05-17-10&ifi=1&uci=1.55z8gboghe5x&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7047550686384988&output=html&h=90&slotname=4895957136&adk=3904865671&adf=2098014276&w=728&guci=1.2.0.0.2.2.0.0&url=http%3A%2F%2Fllf.kz%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1558087818640&bpp=42&bdt=82&fdt=191&idt=192&shv=r20190513&cbv=r20190131&saldr=sa&correlator=2485216664482&frm=23&ife=1&pv=2&ga_vid=491737506.1558087819&ga_sid=1558087819&ga_hid=1198362896&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=580&ady=335&biw=1585&bih=1200&isw=750&ish=150&ifk=4292223825&scr_x=0&scr_y=0&eid=20040081%2C21060853&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C150&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=23&jar=2019-05-17-10&ifi=1&uci=1.55z8gboghe5x&fsb=1&dtd=214
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://llf.kz/adv/google.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://llf.kz/adv/google.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 17 May 2019 10:10:19 GMT
server
cafe
content-length
36785
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 17-May-2019 10:25:18 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Fri, 17 May 2019 10:10:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame E91E 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
477a6024d6d851678c69ba63dd809ad308929d173ef21ed62d7bc8b0176928de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://llf.kz/adv/google.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 17 May 2019 10:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557327549562739"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28709
x-xss-protection
0
expires
Fri, 17 May 2019 10:10:18 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| openEnb function| advert function| openLoud number| cz_user number| cz_type string| cz_str function| Cookie function| WidgetDetect function| WidgetDOM function| WidgetHelper function| WidgetElement function| WhWidgetSendButton function| WidgetInitializer function| WidgetSendButtonBase function| ParentWindowHelper function| WidgetSize function| Animates function| AnimationControl function| StateMashine function| WidgetSendButtonContainer object| Ya object| yaCounter50291221 object| google_reactive_ads_global_state object| yaCounter17735224 object| google_jobrunner object| google_ad_modifications number| google_global_correlator object| google_prev_clients

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
console-api error URL: https://mc.yandex.ru/metrika/tag.js(Line 236)
Message:
FATAL [init-failed]:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
llf.kz
mc.yandex.ru
mfl.kz
pagead2.googlesyndication.com
static.whatshelp.io
widget.whatshelp.io
www.googletagservices.com
www.mfl.kz
zero.kz
195.210.46.45
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2002
2a00:1450:4001:815::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a00:1450:4001:824::2002
2a00:5da0:1000:1::ec
2a00:5da0:1000::105
2a02:6b8::1:119
78.46.57.120
95.216.228.15
027365afb943c61cee0dc1c0444840da3c3d6490298b5acd7c613b5edf2fdb3e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c65ee2686c12d73ae59fd5f591760a738451953eddfe5679f08d5226d269371
1184c3b728413e62291234df16ba1d68030840d996705732073a956b2bb76c55
19e607ee6a028cd7761fceb70b48ffadd9f48e103a5ee7bdab8bec5e5addb230
1f3b2bb2a4cf970aee9b5a8273e538c2f10aa46b85f22856f024815c5dd1b149
3595385f76cbb719b3571a92ec5749f32e48c98507c5906ccd7d2671cc2043f8
477a6024d6d851678c69ba63dd809ad308929d173ef21ed62d7bc8b0176928de
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8e07a44eb7eae6495895cbacba3ff270531156ae6b5325988d9d3ef23da0d1
5c30d9d57a307c4ab3d0fde03c904122549e947249fc02de93b651770ee83057
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6925b0f2c0391babbfd37c3d7c03db0eb3f918bcb17240f1b694101aa45178ec
6f4c65523041df47c13deeccc9baf876d324078bed232c87b7e94835e3159663
77b5e496c3a2daf8d67af8469ef525453c652e06143bcae49da6c858d3694751
7d63af9da0b42a75b7c4a3045c0030cc135763bdf1e2204855eb98189fd448a4
7e46fc1119101a6a9a83e7c4804d58a73aa52444b8419b1e0edb5de676b61900
807b451977868ec42e1aeb7daafba427ea20dc3431e3e39e58edd49e9d90a3e7
80f78d0861d3d095e206f5f53f6564b8fe88619f494e853ff073acf1723d50ee
834319b17f5e63b6b13ca9f6872fb79d776b0f4757d754ccc0d96be2c4969d73
85fa13d14d6366641e4f296d18632917cd48037dd368118476b8ba86b79089b0
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
96d7934f6d09ff0af7e3a8dabe94c177c7c6650bf4aae65bff284df401e9f309
aadcaa15b7cf3573d221a2fa8274405125d83cf048b7add3241bef9430a6a3db
b0a29bce2bc5b41c8928edbd0f21c043a9008a0148606c9201408ed3b33b8b42
b1138ffe1cab56f36bf17ed21c870f3b7c65d11d9b3e116b764d38111c06219a
b40168390afd721c2c0effd9b3b132b6d5334aff57106389b1aafa37a0a7af33
b4cf9ba3eacdea14f39f703d97f4fb0a385f597e61306e21a9bf4a0a054ec9b1
c79910a19e54005f261b0bbf7c5307b952ab371dc615f56739bbe78df483b35d
d60782beacd8d9e9ef7df6f9ef017b481b032789cf961e512cd595a6480a905b
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9e350b0c23bd4450d00385f77405a31e96f591f15c162852039f59c07b8df64